9/13/2023

Kronos 4500 time clock

A common time clock that is used by companies and government agencies, including the Transportation Security Administration (TSA), contains pre-programmed “back door” user accounts that could allow malicious attackers to gain access to sensitive networks, according to research by a security researcher at Qualys Inc.

Speaking before an audience at the Black Hat Briefings in Las Vegas on Wednesday, Billy Rios, the Director of Threat Intelligence at Qualys Inc., revealed research on the Kronos 4500, a “time and attendance” product (aka time clock) that employees use to ‘punch in’ and ‘punch out’ from work.

Image caption: Billy Rios of Qualys said that hard-coded passwords in Kronos 4500 time clocks could pose security issues for sensitive networks.

Rios said that an in-depth analysis of the Kronos equipment and the software that it runs revealed two types of backdoor accounts (user names and passwords) that will provide access to any deployed 4500 device. The accounts are particularly worrying because some vulnerable devices can be discovered using Internet searches, and because TSA is known to use Kronos attendance clocks at major airports.

Rios discovered one vulnerable TSA-operated Kronos device at San Francisco International Airport and another on the network of an unnamed east coast airport. Rios said he worked with the Department of Homeland Security (DHS) to identify the exposed devices and make sure they could not be accessed from the Internet.

The research is just the latest to underscore the role that non-traditional computing devices, such as embedded systems, can play in sophisticated attacks.

Rios said that legal (and ethical) restraints prevented him from further probing the Kronos devices in use at the U.S. As a result, he cannot prove that individuals who could connect to them and use the default passwords could gain access to the devices or the network they were attached to. However, he said it is reasonable to assume they could.

“Often these devices are Internet facing and, on the other end, they’re connected to another network. One would be the airport control network or a TSA network,” he said. “It’s just a scenario that I’m proposing.”

The Kronos devices run an embedded operating system, and the passwords were included to allow technicians who work for the manufacturer to remotely service the devices. Because they are administrative accounts, they give the user total control over the Kronos clocks. “These are essentially root on the devices,” Rios said.

The data on the device would depend on how it was configured. It’s possible that records of employees who have used the clock would reside on it.